I have a small Citrix farm that's giving out ICA files with public IP addresses to clients that are in our internal network. The public IPs are translated (NAT'd from public IP to the appropriate server) and are set as such in the Secure Access Settings. 20.100.100.0 (these aren't public) has Direct specified as its access method; Default method is translated. The internal address and external addresses are correct as well. We do not use a Citrix Access Gateway.
Throughout the day clients will start receiving public IPs in their ICA files despite being in the 20.100.100.0 range.
This problem does not happen consistently, but will happen to all new connections at the same time, and seems to afflict both web interfaces at the same time. Eventually the problem seems to correct itself and the web interfaces start handing out the internal address again.
For what it's worth, I believe I've ruled out other network weirdness. Packet captures show addresses that should match the criteria for the Direct access method.
What's causing this and how do I fix it?
